[Dshield] Port 135

J. Foobar jfoobar1 at yahoo.com
Fri Oct 18 22:16:42 GMT 2002


Playing the devil's advocate (attorney for the
defendent) here...

--- John Hardin <johnh at aproposretail.com> wrote:
> Putting up a web server or mail server and knowingly
> allowing the
> traffic through your firewall is implicit
> authorization for the public
> to access that server.

So my client is required to have specific knowledge of
your *intent* in allowing a port through your
firewall?
Do I need to establish your intent in leaving port 80
open before I connect to your web server?

The lack of presence of software on your end, e.g., a
web server or a mail server, does not illegitimize a
port that you leave open.

> Having an unusual service running by default, that
> you may not even be
> aware of, and by accident or oversight - but *not*
> knowingly - allowing
> traffic through your firewall to that service, is
> not something I would
> call authorization for public access.

"Unusual service?"  

*cue "expert" witness to speak on this subject*

> Ignorance perhaps, clumsiness perhaps, but not
> authorization. Thus the
> access is unauthorized.

You have no explicit intent to do harm, no definable
monetary loss, and a prosecution that relies on
showing that the "attacker" must have known that port
135 was off limits because anyone that would leave
such an "unusual service" open to the Internet would
have to be "ignorant" or "clumsy."

Your honor, we find for the defendent.

Regards,
Justin

__________________________________________________
Do you Yahoo!?
Faith Hill - Exclusive Performances, Videos & More
http://faith.yahoo.com




More information about the list mailing list